Hans-Georg Maassen, head of the Bundesamt für Verfassungsschutz, adds his voice to warnings of potential Russian interference in German elections. In the US, NSA Director Admiral Rogers says that an unnamed state (but they're all looking at you, Russia) made "a conscious effort" to affect the recent US elections via WikiLeaks. Mother Jones wants Congress to investigate (and they sound surprisingly more like Mr. Deeds than they do their eponymous Wobbly).
A Passcode op-ed argues that the US elections' big lesson is that everyone (especially politicians and their staffs) needs to do cyber security better. Foreign Policy observes that repressive regimes have found ways of turning social media to unfortunate advantage—Twitter's rise as the daystar in the false dawn of Iran's Green Revolution now seems like ancient history.
Huawei and ZTE scramble to reassure customers about the Adup backdoor Kryptowire researchers found in too many phones.
Enigma Software predicts a holiday cybercrime spike, and others, including Core Security and Skycure, offer advice on staying safe while shopping. (Skycure's even got a run-down on the riskiest mall Wi-Fi systems.)
Recorded Future peers into the mind of the cybercriminal. Readers of Freakonomics and watchers of Donnie Brasco won't be surprised to learn that low-level cyberhoods lack skills and don't make much.
In the UK, the Snooper's Charter passes the Lords.
Because the Russian government cares as much about personal privacy as it does about combinations in restraint of trade, a Russian court has ruled that the country's ISPs must block LinkedIn.
Today's issue includes events affecting Australia, China, Germany, Russia, United Kingdom, United States.
ON THE PODCAST
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the Ben-Gurion University of the Negev, as USB maven Ran Yahalom talks about the latest in this kind of hardware attack. And our guest, John LaCour, CEO of Phishlabs, will talk us through the ever-dangerous landscape of phishing attacks. If you enjoy the podcast, please consider giving it an iTunes review.
AlienVault USM Webcast(Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.
Opinion: The election's hard cybersecurity lesson(Christian Science Monitor Passcode) While politicians, pollsters, and the public will look for lessons in this historic presidential election, one of the biggest takeaways is everyone needs to do a better job when it comes to protecting their data
Hillary Clinton Supporters Doxxing, Harassing Electoral College Voters(Heatstreet) Supporters of Democratic presidential candidate Hillary Clinton have already gotten more than 4 million signatures on a petition asking the Electoral College to toss Donald Trump’s victory. But some, apparently, aren’t content to simply vent their frustrations online
Chinese IoT Firm Siphoned Text Messages, Call Records(KrebsOnSecurity) A Chinese technology firm has been siphoning text messages and call records from cheap Android-based mobile smart phones and secretly sending the data to servers in China, researchers revealed this week
Shanghai surprise as cheap Android devices ‘phone home’ to China(Naked Security) If your business is a BYOD outfit, it might already have rock-solid rules to keep the network safe from lame passwords, dodgy apps, rooted phones, devices too old to get security updates (even if they’re brand new), unlocked screens, and the USB-stick-like ability to slather around malware
“New phone, who dis?” Huawei, ZTE respond to reports of secret back door in Android devices(Fast Company) In the wake of a New York Times report yesterday that millions of Android-based smart devices may contain a bug that sent consumers' private data to Chinese servers, Huawei and ZTE—two of the world's largest phone makers, which are based in Shenzhen, China, and who were also fingered as clients of the software developer, Shanghai Adups Technology Company—are hoping to tamp down concerns that their products were compromised. Since news broke of the "backdoor," fans and customers of both companies have scrambled to message boards looking for answers
Researchers identify domain-level service credential exploit(Help Net Security) CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard enabled. The exploit could allow cyber attackers to harvest encrypted service credentials from the registry and inject them into a new malicious service to achieve lateral movement and full domain compromise
Example of Getting Analysts & Researchers Away(SANS Internet Storm Center) It is well-known that bad guys implement pieces of code to defeat security analysts and researchers. Modern malware has VM evasion techniques to detect as soon as possible if it is executed in a sandbox environment. The same applies for web services like phishing pages or C&C control panels
Is critical infrastructure the next DDoS target?(CSO) A massive Distributed Denial of Service attack shut down a portion of the internet recently. Experts say it is unlikely a similar attack could take down the grid or other critical infrastructure but acknowledge that security remains weak in the industry
Prepare for the Worst, Hope for the Best(Akamai Blogs) Leading up to the U.S. Presidential Election last week, the oracles of the security world were warning of all the possible types of attacks we might see during the day of decision making. We were preparing for attacks against voting machines, disinformation spread through social media platforms, more email leaks, and above all Distributed Denial of Service (DDoS) attacks against everyone from the White House to news sites around the globe. Yet none of these seem to have materialized
AppRiver warns on security threat from games(Mobile World Live) Many top games on Google’s Play Store, with millions of global downloads, want permission for full network access and this can be a major security hazard, warned software security specialist AppRiver
Malware Infections Expected to Spike During 2016 Holiday Shopping Season(Enigma Software) As millions of Americans prepare to spend billions of dollars in online holiday shopping, malware makers are gearing up for a big couple months as well. November and December are typically very busy months for malware infections on computers, and an increase in online holiday shopping is most likely to blame
Jingle Bells, Retail Sells, Attacks are on the Way (Part 2)(Core Security Blog) It’s that time of year where retail booms as the world goes shopping for gifts during the holiday season. It’s the time for retailers to shine. It’s also the time where retailers are most vulnerable to security risks as bad actors gear up to target retailers
Inside the Mind of Cyber Criminals(Recorded Future) To learn more about how cyber criminals operate in the dark web, we asked our own Andrei Barysevich a few questions. Below is what he had to say
Concern and confusion over privacy and security of AR technology(Naked Security) A new study from ISACA has found consumers to be far more positive about the benefits of augmented reality (AR) than IT professionals. While 60% or more of consumers agree that a range of suggested AR applications would improve their life, only 21% of the thousands of business and technology professionals surveyed believe AR benefits outweigh the risks
While consumers remain complacent, hackers refine their skills(Help Net Security) A new Norton Cyber Security Insights Report found that consumers who were victims of cybercrime within the past year often continued their unsafe behavior. For example, while these consumers were more likely to use a password on every account, they were nearly twice as likely to share their password with others, negating their efforts
Invincea Raises $10 Million in Strategic Growth Capital(BusinessWire) Led by ORIX Growth Capital and Comerica Bank, with New Atlantic Ventures, and Harbert Ventures participating, the additional capital will be used to accelerate Invincea’s growth as the company gains broad customer adoption with the industry’s highest performing next-generation antivirus security product
Intel Security looks to rally channel with "edgier" McAfee brand(Channel Life) McAfee is set to be reborn following recent announcements from Intel that it will spin off a majority ownership of its Intel Security Group (ISG) business unit to private investment firm TPG, creating an independent company - one that is far edgier and with a fresh set of ideas, according to Technology Business Research
Cybereason Joins Coalition for Cybersecurity Policy & Law(PRWeb) Cybereason has joined the Coalition for Cybersecurity Policy & Law to take an active role in working with other public and private organizations to make cybersecurity policies more effective, ensuring a safer internet and making cybersecurity more robust for everyone
VASCO Appoints Scott Clements as President and Chief Operating Officer(Econo Times) VASCO Data Security International, Inc. (NASDAQ:VDSI), a global leader in digital solutions including identity, security and business productivity, today announced that Scott Clements, currently VASCO’s EVP and Chief Strategy Officer, has been appointed President and Chief Operating Officer, effective immediately
Splunk Hires Salesforce.com Marketing Exec As Its New CMO(CRN) Splunk, the developer of operational and machine data management software, is building up its top executive ranks, hiring Salesforce.com marketing executive Brian Goldfarb as the company's new chief marketing officer and Richard Campione for the new post of chief product officer
NetWatcher Offers Complimentary Cyber Promiscuity Score(Broadway World) NetWatcher, a Managed Detection and Response Provider, today announced it is offering a free Cyber Promiscuity Score™ (CPS) as part of its easy to use enterprise-level, Cyber Threat Intelligence solution
Corero Combats Terabit DDoS Attacks With Terabit Scale Protection(Yahoo!) Corero Network Security (CNS.L), a leading provider of real-time security solutions against DDoS attacks, today has announced the ability to provide a Terabit of mitigation capacity with automatic DDoS defense technology at an unprecedented price point
Soltra winds down; what does it mean for STIX/TAXII?(EclecticIQ) STIX/TAXII standards have become “HTML of Cyber Security” and enable widespread, simple and low-cost information sharing for global enterprises across industries. EclecticIQ, top provider of STIX/TAXII-compliant Threat Intelligence Platform, commends Soltra for protecting industry as early adopter
The Army's cyber ops has a data problem(Federal Times) The Army’s cyber operations are challenged by the amount of data flowing through the network, according to the service’s cyber director in the Army’s G-3/5/7 branch
Snoopers’ Charter Passes Lords Test(Infosecurity Magazine) The House of Lords has passed the controversial Investigatory Powers Bill or Snoopers’ Charter and very soon the legislation will enshrine in law for the first time the mass surveillance of the populace by the security services
The US–China Cybersecurity Disconnect(Modern War Institute) The relationship between China and cybersecurity is difficult to unpack, mainly because it does not fit traditional interpretations of how a state regulates operations in other, non-cyber domains. Beijing is the subject of significant criticism about cyber threats that originate within China. The United States government has struggled to respond to China’s cybersecurity posture, but the disconnect between the United States and China is exacerbated by two significant differences
Big Change Coming to Government Hacking Powers(Digital Guardian) In two weeks, the federal government will gain significant new authority to perform remote searches of devices anywhere in the country, with a single warrant. The new power will go into effect on Dec. 1, and though Congress has the ability to prevent that from happening, it’s looking less and less likely that they will
Cybercom Commander: Public-Private Partnerships Needed for Cybersecurity(DoD News) The public-private cybersecurity partnership between private companies and U.S. Cyber Command and other federal agencies has been uneven so far despite some fledgling success, but collaboration is critical given growing threats to everyone from cyberspace, the commander of U.S. Cyber Command said here yesterday
Are data sets the new critical infrastructure?(Federal Times) Philip Quade of the National Security Agency's Cyber Task Force discusses what information should be protected by the Department of Homeland Security as a critical infrastructure
Army Cyber to break ground on Fort Gordon headquarters(US Army) In a ceremony to be held here Nov. 29, Secretary of the Army Eric Fanning will join Army Cyber Command and Second Army commander Lt. Gen. Paul M. Nakasone to break ground on construction for a new Army Cyber headquarters facility that will draw together the Army's Cyber operations, capability development, training, and education in one location
Court Ruling in Palantir-Army Clash Leaves Much In Question(Defense News) The US Court of Federal Claims’ 104-page opinion in the Palantir lawsuit against the US Army sends the service back to do a more thorough analysis of commercially available options for its intelligence analysis framework, but it does not define exactly how the Army should conduct the analysis or what would be considered a satisfactory level of market research
Facebook and WhatsApp - Part II(Wapack Labs) In the United Kingdom, Facebook is once again being prevented from sharing data with their subsidiary WhatsApp
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Versus16(San Francisco, California, USA, November 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing...
Israel HLS and Cyber 2016(Tel Aviv, Israel, November 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach,...
SANS Healthcare CyberSecurity Summit & Training 2016(Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the...
Data Breach & Fraud Prevention Summit Asia(Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the
SCSC Cyber Security Conclave 2.0 Conference and Exhibition(Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public...
4th Ethiopia Banking & ICT Summit(Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial...
Insider Threat Program Development Training For NISPOM CC 2(Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered...
Internet of Things (IoT)(Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting...
CIFI Security Summit(Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security...
AlienVault USM Webcast(Online, December 1, 2016) Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating...
Cyber Threats Master Class(Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding...
Disrupt London(London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators.
US Department of Commerce Cyber Security Trade Mission to Turkey(Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey...
Practical Privacy Series 2016(Washington, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly...
CISO Southern Cal(Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations...
SANS Cyber Defense Initiative 2016(Washington, DC, USA, December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative...
Privacy, Security and Trust: 14th Annual Conference(Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how...